Claims 

What IsXIaimed Is: 




A method for providing information security comprising the steps of: 

determining a digital signature verification error based on a received 
message header identifier associated with a public key certificate identifier; and 
generating a digital signature verification map containing a plurality of 
^acceptable message header identifiers associated with the public key certificate 
10 ictentifier. 

2. The method of claim 1 wherein the step of generating the digital signature 
verification majWcludes storing at least one acceptable message header identifier as a 
digital signature verification map entry in response to determining the digital signature 

1 5 verification error. 

3. The method of claitn 1 wherein the step of generating the digital signature 
verification map includes mapping the plurality of acceptable message header identifiers 
on a per certificate subject identification data basis. 

20 \^ 

4. The method of claim 1 including the step of verifying a digital signature 
associated with received message information based on the digital signature verification 
map. \^ 

\ 

25 5. The method of claim 1 including the s^jep of receiving digital signature 

verification map update data and updating the digital signature verification map with at 

least one acceptable message header identifier ba$$d on a received message header ID. 

\ 

\ 

6. The method of claim 1 wherein the message holder identifier includes at least one 
30 of data representing an email address of a sender, a telephone number of a sender and an 
identifier associated with a sending unit. 
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7. \ The method of claim 1 including the step of digitally signing the digital signature 

verification map to provide a trusted digital signature verification map. 

\ 

8. The^ethod of claim 1 including the steps of: 

generating a trusted alias map containing the plurality of acceptable message 
identifiers and at le,ast one associated subject alias; and 

displaying the^at least one subject alias in response to verifying a digital signature 
associated with the publi&key certificate identifier. 



9. The method of claim 1 wherein the step of determining a digital signature 
verification error includes the steps of 

comparing the public key certifib^te identifier with the message header identifier 
to determine if a mismatch is detected; 
15 if a mismatch is detected, generating a rhismatch notification for an operator; and 

verifying a digital signature based on a verification key associated with the public 
key certificate identifier. 
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A method for providing information security comprising the steps of: 

determining a digital signature verification error based on a received 
message header identifier associated with a public key certificate identifier; 

generating a digital signature verification map containing a plurality of 
ceptable message header identifiers associated with the public key certificate 
identifier by storing at least one acceptable message header identifier as a digital 
signature verification map entry in response to determining the digital signature 
verification error; and 

verifying a digital signature associated with received message information 
10 based on thk digital signature verification map. 

1 1 . The method of claim 10 wherein the step of determining a digital signature 
verification error includes^the steps of: 

comparing the publicskey certificate identifier with the message header identifier 
15 to determine if a mismatch is objected; 

if a mismatch is detected/eenerating a mismatch notification for an operator; and 
verifying a digital signature based on a verification key associated with the 
public key certificate identifier^ 

20 1 2. The method of claim 10 wherein th& step of generating the digital signature 

verification map includes mapping the plurality of acceptable message header identifiers 
on a per certificate subject identification data ba^s. 

\ 

13. The method of claim 1 1 including the step of deceiving digital signature 
25 verification map update data and updating the digital signature verification map with at 

least one acceptable message header identifier based on a received message header ID. 

14. The method of claim 10 wherein at least one of the plurality of message header 
identifiers includes at least one of data representing an email address of a sender, a 

30 telephone number of a sender and an identifier associated with a sending unit. 
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15, x The method of claim 13 including the step of digitally signing the digital 
signature.verification map to provide a trusted digital signature verification map. 



16. The method of ckim 10 including the steps of: 

generating atfri§ted alias map containing the plurality of acceptable 
message identifiers and at Ifea^t one associated subject alias; and 

displaying the at least onefcufrect alias in response to verifying a digital 
signature associated with the public keybertificate identifier. 
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A method for providing information security comprising the steps of: 
\ determining a digital signature verification error based on a received message 
header identifier associated with a public key certificate identifier; and 

uWating a digital signature verification map to add an acceptable message header 
identifier associated with the public key certificate identifier. 
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18. The method of claim 17 including the step of verifying a digital signature 
associated with recei \^d message information based on the digital signature verification 
map. \ 

19. The method of claim lTNvherein the step of determining a digital signature 
verification error includes the steps 

comparing the public key certificate identifier with the message header identifier 

to determine if a mismatch is detected; 

if a mismatch is detected, generating a bwsmatch notification for an operator; and 
verifying a digital signature based on a verification key associated with the public 

key certificate identifier. 
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An apparatus for providing information security comprising: 
a processing module operative to determine a digital signature verification error 
ba^ed on a received message header identifier associated with a public key certificate 
identifier; and operative to generate a digital signature verification map containing a 
plurality of acceptable message header identifiers associated with the public key 
certificat^identifier; and 

memory, ojSeratively coupled to the processing module, containing the digital signature 
verification m 



\ 



10 21. The apparatus\)f claim 20 wherein the memory stores at least one acceptable message 
header identifier as a^digital signature verification map entry. 

\ 

22. The apparatus of\l aim 20 wherein the processing module maps the plurality of 
acceptable message header identifiers on a per certificate subject identification data basis. 

15 \ 

23. The apparatus of claim 20 wherein the processing module includes a 

cryptographic engine operative to yerify a digital signature associated with received 

\ 

message information based on the digital signature verification map. 

\ 

20 24. The apparatus of claim 20 whereik the processing module updates the digital 

signature verification map with at least one^cceptable message header identifier based on 
a received message header DD. \^ 

\ 

25. The apparatus of claim 20 wherein the message header identifier includes at least 
25 one of data representing an email address of a sender,\a telephone number of a sender and 
an identifier associated with a sending unit. 



26. The apparatus of claim 20 wherein the processing module digitally signs the 
digital signature verification map to provide a trusted digital signature verification map. 

30 
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27. The apparatus of claim 20 wherein the processing module generates a trusted alias 
map containing the plurality of acceptable message identifiers and at least one associated 
subject alias, and displays the at least one subject alias in response verifying a digital 
signature associated with the public key certificate identifier. 

5 

28. The apparatus of claim 20 wherein the processing module determines a digital 
signature verification error by comparing the public key certificate identifier with the 
message header identifier to determine if a mismatch is detected; if a mismatch is 
detected, generating a mismatch notification for an operator; and 

1 0 verifying a digital signature based on a verification key associated with the public key 
certificate identifier. 



A storage medium comprising: 
15 £s memory containing executable instructions that when read by one or more 
processing units causes one or more processing units to: 

determine a digital signature verification error based on a received 
message header identifier associated with a public key certificate identifier; and 
generate a digital signature verification map containing a plurality of 
20 acceptable: message header identifiers associated with the public key certificate 

identifier. 



30. The storage medium of claim 29 wherein the memory contains executable 
instructions that cause the one or more processing units to generate the digital signature 
25 verification map by storing at least one acceptable message header identifier as a digital 
signature verification map entry in response to determining the digital signature 
verification error. 



31. The storage medium of claim 29 wherein the memory contains executable 
30 instructions that cause the one or more processing units to map the plurality of acceptable 
message header identifiers on a per certificate subject identification data basis. 
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\32. The storage medium of claim 29 wherein the memory contains executable 
instructions that cause the one or more processing units to verify a digital signature 
associated with received message information based on the digital signature verification 
map. 



33. The storage medium of claim 29 wherein the memory contains executable 
instructions thktcause the one or more processing units to receive digital signature 
verification map update data and update the digital signature verification map with at 
10 least one acceptable message header identifier based on a received message header ID. 



34. The storage mediums^f claim 29 wherein the message header identifier includes at 
least one of data representing an email address of a sender, a telephone number of a 
sender and an identifier associated with a sending unit. 
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35. The storage medium of claim 2^ wherein the memory contains executable 
instructions that cause the one or more processing units to digitally sign the digital 
signature verification map to provide a trusted digital signature verification map. 



20 jb. The storage medium of claim 29 whereinsthe memory contains executable 
instructions that cause the one or more processing units to: 

generate a trusted alias map containing the plurality of acceptable message 
identifiers and at least one associated subject alias; and\^ 

display the at least one subject alias in response verifying a digital signature 
25 associated with the public key certificate identifier. 

^6. The storage medium of claim 29 wherein the memory coWins executable 
instructions that cause the one or more processing units to determine a digital signature 
verification error by: 

30 verifying a digital signature based on a verification key associated with the public 

key certificate identifier; 



if verification^ successful, comparing the public key certificate identifier with 
the message header identifier to determine if a mismatch is detected; and 

if a mismatch is detected, generating^ rpismatch notification for an operator. 
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method for providing information security comprising the steps of: 

crating a trusted alias map containing the plurality of acceptable 
message identifiers and at least one associated subject alias; and 

displaying the"at.teast one subject alias in response to verifying a digital 
signature associated with apbhjic key certificate identifier. 
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p>. The method of claim 37 wherein the step of^nerating the trusted alias map 
includes digitally signing the trusted alias map, and wherekrthe method includes the step 
of verifying trusted alias map digital signature prior to displayuig^he at least one subject 
alias. 



